Here is a patch [[tag patch]] to add a forwarding functionality
to the [[meta
_plugin|plugins/meta]].
Find the most recent version at
http://www.schwinge.homeip.net/~thomas/tmp/meta_forward.patch.
I can't use scrub(...)
, as that will strip out the forwarding HTML command.
How to deal with that?
I can also submit a Git patch, if desired.
Syntax
URL = http://some.nice/place/ (etc.)
WHITHER = [[[[wikilink]]]] | URL
D = natural number (meaning seconds)
OPT_DELAY = delay=D | empty (immediatelly)
[[meta forward="WHITHER" OPT_DELAY]]
Extensions and Ideas
It might be doable to add references to pages that refer to the page containg
the forwarding statement also to the referred-to page.
--[[tschwinge]]
The html scrubber cannot scrub meta headers. So if you emit one
containing user-supplied data, it's up to you to scrub it to avoid all
possible XSS attacks. Two attacks I'd worry about are cyclic meta refresh
loops, which some, but not all web browsers detect and break, and any way
to insert javascript via the user-supplied parameters. (Ie, putting
something in the delay value that closes the tag can probably insert
javascript ATM; and are there ways to embed javascript in the url?)
--[[Joey]]
OK. I can add code to make sure that $delay
D indeed is a natural number
and that the passed target address WHITHER is nothing but a valid target address.
(How to qualify a valid target address?)
What is a cyclic meta refresh loop? Two pages in turn forwarding to each other?
I think it would be possible to implement such a guard when only in-wiki links
([[wikilink]]s) are being used, but how to do so for external links? --[[tschwinge]]